| Server | nginx |
| Content-Type | text/html |
| Transfer-Encoding | chunked |
| Connection | keep-alive |
| Vary | Accept-Encoding |
| X-DNS-Prefetch-Control | off |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| Content-Security-Policy | default-src 'self'; img-src 'self' https://www.google-analytics.com https://maps.gstatic.com https://maps.googleapis.com https://csi.gstatic.com/ https://i.ytimg.com https://www.youtube-nocookie.com/ https://img.youtube.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://cdn.ravenjs.com https://maps.googleapis.com https://apis.google.com http://mc.us13.list-manage.com 'nonce-93da9698-a813-40c8-9eba-dbb0f2646b16'; style-src 'self' 'unsafe-inline'; connect-src 'self' https://sentry.duodesign.co.uk https://www.youtube-nocookie.com wss://gitpushlive.com wss://www.gitpushlive.com wss://www.gitpushlive.com:443 wss://gitpushlive.com:443; child-src 'self' blob: https://content.googleapis.com https://accounts.google.com https://www.youtube-nocookie.com; font-src 'self' data:; object-src |
| Strict-Transport-Security | max-age=86400 |
| X-Download-Options | noopen |
| X-XSS-Protection | 1; mode=block |
| set-cookie | _csrf=rHxraFe8-gnFHddcXJjWJ90CnLt1AAGnJ1mg; Max-Age=7200; Path=/; Expires=Wed, 28 Feb 2018 22:03:53 GMT
connect.sid=s%3A-3HpjF9nlMZihVHjsz3WHa_BjAoJj-Dh.YnkZrrVqn7f%2Fxa90PWcmTDl4b57qx2sxv8oMC1GOZes; Path=/; Expires=Wed, 28 Feb 2018 21:03:53 GMT; HttpOnly; Secure |
| Cache-Control | no-cache |
| Content-Encoding | gzip |